예제 #1
/**
 * Verify a login/password pair and, on success, populate the user session.
 *
 * The session locale is reset to TL_DEFAULT_LOCALE on every call, before any
 * credential is looked at.
 *
 * Security notes for reviewers:
 * - A LOGIN_FAILED audit event is written only when the login exists and the
 *   password check or the isActive flag fails. Attempts against unknown
 *   logins leave no audit record in this function.
 * - No session ID rotation is visible here.
 *   NOTE(review): confirm setUserSession() or the caller regenerates the
 *   session ID on successful login.
 *
 * @param object $db    database handler, passed on to tlUser and setUserSession()
 * @param string $login login name supplied by the client
 * @param string $pwd   password supplied by the client
 *
 * @return array map with 'status' (tl::OK or tl::ERROR) and 'msg'
 *               (HTML message when a session already exists, otherwise null)
 */
function doAuthorize(&$db, $login, $pwd)
{
    global $g_tlLogger;

    $outcome = array('status' => tl::ERROR, 'msg' => null);
    $_SESSION['locale'] = TL_DEFAULT_LOCALE;

    // Both credentials are mandatory.
    if (is_null($pwd) || is_null($login)) {
        return $outcome;
    }

    $account = new tlUser();
    $account->login = $login;
    $found = $account->readFromDB($db, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK;
    if (!$found) {
        // Unknown login: returns the generic error without an audit entry.
        return $outcome;
    }

    // The password is always checked before the active flag is consulted.
    $verdict = auth_does_password_match($account, $pwd);
    if (!($verdict->status_ok && $account->isActive)) {
        logAuditEvent(
            TLS("audit_login_failed", $login, $_SERVER['REMOTE_ADDR']),
            "LOGIN_FAILED",
            $account->dbID,
            "users"
        );
        return $outcome;
    }

    // 20051007 MHT Solved 0000024 Session confusion:
    // disallow two sessions within one browser.
    if (isset($_SESSION['currentUser'])) {
        $outcome['msg'] = lang_get('login_msg_session_exists1')
            . ' <a style="color:white;" href="logout.php">'
            . lang_get('logout_link')
            . '</a>'
            . lang_get('login_msg_session_exists2');
        return $outcome;
    }

    // Store the authenticated user and restart the logger transaction.
    $_SESSION['currentUser'] = $account;
    $_SESSION['lastActivity'] = time();
    $g_tlLogger->endTransaction();
    $g_tlLogger->startTransaction();
    setUserSession(
        $db,
        $account->login,
        $account->dbID,
        $account->globalRoleID,
        $account->emailAddress,
        $account->locale,
        null
    );
    $outcome['status'] = tl::OK;

    return $outcome;
}
예제 #2
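/**
 * Handle a login form submission: look the user up, verify the password,
 * establish the session on success and route the response.
 *
 * The username and password come straight from the request body, so both are
 * required to be present and to be strings before they reach the lookup and
 * verification helpers. A missing field or an array value (for example
 * "password[]=x") is treated as a failed login instead of being passed on.
 *
 * NOTE(review): no session ID rotation is visible here; confirm that
 * setUserSession() regenerates the session ID on login.
 *
 * @return void
 */
function attemptLogin()
{
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;

    $login_ok = false;
    if (is_string($username) && is_string($password)) {
        $user = getUserByUsernameOrEmail($username);
        // Loose comparison kept on purpose: the "not found" return value of
        // the lookup helper is not visible from this function.
        $login_ok = $user != null && isValidLogin($user, $password);
    }

    if ($login_ok) {
        setUserSession($user);
    }
    routeOnSuccessfulLoginOrReturnError($login_ok);
}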
예제 #3
        $gui->update_title_bar = 1;
        break;
    case 'changePassword':
        $op = changePassword($args, $user);
        $doUpdate = $op->status >= tl::OK;
        break;
    case 'genAPIKey':
        $op = generateAPIKey($args, $user);
        break;
}
// Persist the user only when the preceding operation asked for it.
if ($doUpdate) {
    $op->status = $user->writeToDB($db);
    if ($op->status >= tl::OK) {
        // Record the change in the audit log, then refresh the session copy
        // of the user so the running session reflects the saved data.
        logAuditEvent(TLS($op->auditMsg, $user->login), "SAVE", $user->dbID, "users");
        $_SESSION['currentUser'] = $user;
        // NOTE(review): no session ID rotation or invalidation of the user's
        // other sessions is visible here after a credential change; confirm
        // whether setUserSession() or the change operation handles that.
        setUserSession($db, $user->login, $args->userID, $user->globalRoleID, $user->emailAddress, $user->locale);
    }
}
// Login history shown to the user: audit events of type LOGIN_FAILED and
// LOGIN for this user ID (the trailing 10 is presumably a row limit; verify
// against getAuditEventsFor()).
$gui->loginHistory = new stdClass();
$gui->loginHistory->failed = $g_tlLogger->getAuditEventsFor($args->userID, "users", "LOGIN_FAILED", 10);
$gui->loginHistory->ok = $g_tlLogger->getAuditEventsFor($args->userID, "users", "LOGIN", 10);
// Any status other than exactly tl::OK gets a feedback message. Note that the
// success tests above use ">= tl::OK", so the two conditions are not the same.
if ($op->status != tl::OK) {
    $op->user_feedback = getUserErrorMessage($op->status);
}
// Reload the user from the database before rendering.
$user->readFromDB($db);
// Show a placeholder label when no API key has been generated. The loose
// comparison also matches other empty values such as '' or 0.
if (null == $user->userApiKey) {
    $user->userApiKey = TLS('none');
}
// NOTE(review): when status is tl::OK, user_feedback is not assigned in this
// fragment and must already have been set by the operation above.
$gui->user_feedback = $op->user_feedback;
$smarty = new TLSmarty();
예제 #4
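/**
 * Single sign-on through an SSL client certificate.
 *
 * No password can be checked on this path, so the login is accepted when:
 * 1. the request carries an SSL context (SSL_PROTOCOL is set),
 * 2. the web server does not report a failed or missing client certificate
 *    verification (SSL_CLIENT_VERIFY, when exported, must be 'SUCCESS'),
 * 3. the configured uid field names an existing, active user.
 *
 * Security notes for reviewers:
 * - SSL_PROTOCOL alone only shows that TLS is in use. The identity in the
 *   uid field is trustworthy only if the server verified the certificate
 *   against a trusted CA. If SSL_CLIENT_VERIFY is not exported to PHP, this
 *   function cannot tell; make sure the server requires a verified client
 *   certificate in that case.
 * - The array must come from the server environment, never from
 *   client-controlled input such as request headers.
 * - NOTE(review): no session ID rotation is visible here; confirm that
 *   setUserSession() or the caller regenerates the session ID on login.
 *
 * @param object     $dbHandler          database handler
 * @param array      $apache_mod_ssl_env server environment holding the mod_ssl variables
 * @param array|null $authCfg            authentication config; read via config_get() when null
 *
 * @return array map with 'status' (tl::OK or tl::ERROR) and 'msg'
 */
function doSSOClientCertificate(&$dbHandler, $apache_mod_ssl_env, $authCfg = null)
{
    global $g_tlLogger;
    $result = array('status' => tl::ERROR, 'msg' => null);

    if (!isset($apache_mod_ssl_env['SSL_PROTOCOL'])) {
        return $result;
    }

    // mod_ssl reports the verification outcome as NONE, SUCCESS, GENEROUS or
    // FAILED:reason. Anything other than SUCCESS means the certificate fields
    // were not validated against a trusted CA, so refuse to log in.
    if (isset($apache_mod_ssl_env['SSL_CLIENT_VERIFY'])
        && $apache_mod_ssl_env['SSL_CLIENT_VERIFY'] !== 'SUCCESS') {
        return $result;
    }

    $authCfg = is_null($authCfg) ? config_get('authentication') : $authCfg;

    // A missing config key or environment entry is handled like "no login"
    // instead of raising an undefined-index warning.
    $uidField = isset($authCfg['SSO_uid_field']) ? $authCfg['SSO_uid_field'] : null;
    $login = (!is_null($uidField) && isset($apache_mod_ssl_env[$uidField]))
        ? $apache_mod_ssl_env[$uidField]
        : null;

    if (!is_null($login)) {
        $user = new tlUser();
        $user->login = $login;
        $login_exists = $user->readFromDB($dbHandler, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK;
        if ($login_exists && $user->isActive) {
            // Need to set COOKIE following Mantis model.
            // An expiry of 0 makes this a session cookie; the original passed
            // a boolean false where setcookie() expects an integer. This
            // branch is only reached over TLS, so the cookie is marked Secure,
            // and HttpOnly keeps it away from page scripts.
            $auth_cookie_name = config_get('auth_cookie');
            setcookie($auth_cookie_name, $user->getSecurityCookie(), 0, '/', '', true, true);

            // Disallow two sessions within one browser
            if (isset($_SESSION['currentUser']) && !is_null($_SESSION['currentUser'])) {
                $result['msg'] = lang_get('login_msg_session_exists1') . ' <a style="color:white;" href="logout.php">' . lang_get('logout_link') . '</a>' . lang_get('login_msg_session_exists2');
            } else {
                // Setting user's session information
                $_SESSION['currentUser'] = $user;
                $_SESSION['lastActivity'] = time();
                $g_tlLogger->endTransaction();
                $g_tlLogger->startTransaction();
                setUserSession($dbHandler, $user->login, $user->dbID, $user->globalRoleID, $user->emailAddress, $user->locale, null);
                $result['status'] = tl::OK;
            }
        } else {
            // Unknown or inactive login presented through a certificate.
            logAuditEvent(TLS("audit_login_failed", $login, $_SERVER['REMOTE_ADDR']), "LOGIN_FAILED", $user->dbID, "users");
        }
    }
    return $result;
}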
예제 #5
/**
 * Load a user, apply the submitted properties and write the user back.
 *
 * When the edited user is the one owning the current session, the session
 * copy is refreshed; if that user has just been deactivated, the browser is
 * redirected to logout.php and the script ends.
 *
 * Security notes for reviewers:
 * - No permission check is visible in this function.
 *   NOTE(review): confirm the caller verifies that the session user may edit
 *   $argsObj->user_id.
 * - Deactivating a different user does not touch that user's sessions here.
 *   NOTE(review): confirm open sessions are invalidated elsewhere.
 *
 * @param object $dbHandler     database handler
 * @param object $argsObj       request arguments (user_id, user_is_active, ...)
 * @param mixed  $sessionUserID ID of the user owning the current session
 *
 * @return stdClass operation result with user, status and user_feedback
 */
function doUpdate(&$dbHandler, &$argsObj, $sessionUserID)
{
    $op = new stdClass();
    $op->user_feedback = '';
    $op->user = new tlUser($argsObj->user_id);
    $op->status = $op->user->readFromDB($dbHandler);

    // Nothing to update when the user cannot be read; feedback stays empty.
    if (!($op->status >= tl::OK)) {
        return $op;
    }

    initializeUserProperties($op->user, $argsObj);
    $op->status = $op->user->writeToDB($dbHandler);
    $saved = $op->status >= tl::OK;

    if ($saved) {
        logAuditEvent(TLS("audit_user_saved", $op->user->login), "SAVE", $op->user->dbID, "users");
    }

    // Loose comparison kept as in the original.
    if ($saved && $sessionUserID == $argsObj->user_id) {
        // The session owner edited their own account: refresh the session.
        $_SESSION['currentUser'] = $op->user;
        setUserSession(
            $dbHandler,
            $op->user->login,
            $argsObj->user_id,
            $op->user->globalRoleID,
            $op->user->emailAddress,
            $op->user->locale
        );

        // A user who deactivated their own account is sent to logout.
        if (!$argsObj->user_is_active) {
            header("Location: ../../logout.php");
            exit;
        }
    }

    // The feedback message is derived from the write status, success included.
    $op->user_feedback = getUserErrorMessage($op->status);

    return $op;
}
예제 #6
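# Register the account only when neither the username nor the e-mail address
# is already taken.
if (!$sameUsername && !$sameEmail) {
    $registerSuccess = false;

    # Determine what the new account's initial rank should be. This equals
    # the lowest rank in the ladder plus 1. The column name is quoted because
    # RANK is a reserved word in MySQL 8.0+.
    # NOTE(review): reading MAX(rank) and inserting are two separate
    # statements, so two concurrent registrations can receive the same rank.
    $getRanks = mysqli_query($connection, "SELECT MAX(`rank`) FROM player");
    if ($getRanks !== false) {
        $maxRankRow = mysqli_fetch_array($getRanks);
        mysqli_free_result($getRanks);
        # MAX() yields NULL on an empty table, which becomes rank 1.
        $maxRank = is_array($maxRankRow) ? (int) $maxRankRow[0] : 0;
        $newRank = $maxRank + 1;

        # Insert the new user with a prepared statement. The values come from
        # the registration form, so they are bound as parameters instead of
        # being interpolated into the SQL text. Bound parameters must receive
        # the raw values: if these variables are escaped with
        # mysqli_real_escape_string() earlier in the file (not visible here),
        # remove that escaping to avoid storing backslashes.
        $insertPlayer = mysqli_prepare(
            $connection,
            "INSERT INTO player (name, email, phone, `rank`, username, password)
            VALUES (?, ?, ?, ?, ?, ?)"
        );
        if ($insertPlayer !== false) {
            mysqli_stmt_bind_param(
                $insertPlayer,
                'sssiss',
                $playerName,
                $email,
                $phone,
                $newRank,
                $username,
                $hashedPassword
            );
            # The boolean result of the execution tells whether registration
            # of the account was successful.
            $registerSuccess = mysqli_stmt_execute($insertPlayer);
            mysqli_stmt_close($insertPlayer);
        }
    }

    # If the account registration has been successful, log the user into
    # their new user account.
    if ($registerSuccess) {
        # Set the user sessions.
        # NOTE(review): the password hash is handed to the session helper;
        # confirm it is not stored in the session, and that the session ID is
        # regenerated at this point.
        setUserSession($username, $hashedPassword);
    }
} else {
    $registerSuccess = false;
}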
?>

<!DOCTYPE html>
<html>
<head>
   <title>Wrath of Titans - Register</title>
   
   <!-- CSS Inclusion -->
      <link href="../../styles/reset.css" rel="stylesheet" type="text/css" />
      <link href="../../styles/main.css" rel="stylesheet" type="text/css" />
   <!-- /End CSS Inclusion -->